The goal of this session is to present how access to in-depth threat intel can enhance a Red Team, especially when conducted against industries that are considered Critical National Infrastructure (CNI). When aiming to provide customers with as realistic a simulated attack as possible, the Red Team can combine with the available intel and customise their toolkit, tactics and objectives depending on which Threat Actors are selected as most likely against the customer. This session will illustrate how Mandiant elevates the relevance of their Red Teams using Threat Intel throughout the Attack Lifecycle and how different CNI customers impacts the testing approach.